From: CoB SysAdmin (Joe Emenaker) <[EMAIL PROTECTED]>
> Agreed that there is the perception that the development effort has been
> keeping a secret from us that we should have been made aware of.
I got a message out to debian-announce within an hour after I made a
decision.
> o How close did Debian 1.2 come to being released after the X 3.1 bug was
> known?
Note the following message on debian-devel, which you can find in list
archives, that points out that we were planning to _publicize_ the
security bug and provide the user with a choice of which X to install.
We do have a "private" list, but this argument was carried out in
public view on debian-devel. The private list is useful when a security
bug comes out and you want to tell people to fix it before you tell the
world about how to exploit the bug.
! From bruce Thu Nov 28 14:24:25 1996
! To: [EMAIL PROTECTED], Bruce Perens <[EMAIL PROTECTED]>, "Brian C. White"
! <[EMAIL PROTECTED]>
! Subject: 1.2 closing issues
! Cc: Debian Developers <debian-devel@lists.debian.org>
! Reply-To: Bruce Perens <[EMAIL PROTECTED]>
! References: <[EMAIL PROTECTED]>
!
! From: "Brian C. White" <[EMAIL PROTECTED]>
! > If the boot disks are ready and Rex can be installed from CD with
! > little or no trouble, then I stand by my original preference of
! > shipping Rex as it stands today.
!
! Boot disks have one show-stopper bug, already published to debian-devel.
! Cold-install instruction edit isn't done. Mostly it's just changing URLs.
! ETA for both of those, tomorrow or late tonight.
!
! The other action item would be placing a copy of the X 3.2 packages
! from "bo" in a special directory with instructions for upgrading and
! its own Packages file. The X upgrade can be treated as a "distribution"
! like "non-free" or "contrib", and the user can easily upgrade to X 3.2
! with just a few commands to dpkg-ftp. I will also make sure it's
! included on CDs by mentioning it in the CD manufacturer release notes.
! The "xdependencies" package would have to be constructed. Guy or I can
! do all of this in an hour or so. I probably would not get to it
! tonight, so if you can get to it first, Guy, please go ahead. That will
! neatly remove the major open issue with 1.2, and leave the user in charge
! of which X is installed.
!
> o Who was in favor of releasing it with X 3.1 and why?
> o Who was in favor of waiting, and why?
> o Who has resigned as a result of all of this and what did they control?
Please look over the debian-devel mailing list archive on www.debian.org.
I have taken over control of releases from Brian C. White. That is the
resignation we were taking about. Brian is still working on Debian as of
this morning.
> I should point out that Nixon's real crime was in trying
Please don't compare me to Nixon :-) Go read debian-devel, you'll see that
no cover-up was ever considered and the discussions were carried out in
public view.
Thanks
Bruce
--
Bruce Perens K6BP [EMAIL PROTECTED]
Finger [EMAIL PROTECTED] for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6 1F 89 6A 76 95 24 87 B3
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
